// 
//  DotNetNuke? - http://www.dotnetnuke.com
//  Copyright (c) 2002-2006
//  by DotNetNuke Corporation
// 
//  Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated 
//  documentation files (the "Software"), to deal in the Software without restriction, including without limitation 
//  the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and 
//  to permit persons to whom the Software is furnished to do so, subject to the following conditions:
// 
//  The above copyright notice and this permission notice shall be included in all copies or substantial portions 
//  of the Software.
// 
//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED 
//  TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 
//  THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 
//  CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 
//  DEALINGS IN THE SOFTWARE.
// 
using DotNetNuke.Services.Personalization;
using DotNetNuke.Security.Membership;
using DotNetNuke.Entities.Users;
using System.Web;
using DotNetNuke.Modules.IWebCSharp;
using System.Web.UI.WebControls;
using System;

namespace DotNetNuke.Modules.IWebCSharp
{
    public class IWebUserInfo
    {
        private static string GetPassword(string parmPassword, int PortalID, bool parmEncrypted)
        {

            string strPassword = "";
            if (parmEncrypted)
            {
                strPassword = HttpUtility.UrlDecode(parmPassword);
                //  Get the Encryption Key
                string strEncryptionKey = IWebController.GetIWebSettings(PortalID, "SecurityKey");
                //  Un-encrypt the password
                IWebEncryption objIWebEncryption = new IWebEncryption();
                strPassword = objIWebEncryption.DeCrypt(strPassword, strEncryptionKey);
            }
            else
            {
                strPassword = parmPassword;
            }
            return strPassword;

        }

        public static UserInfo GetUserInfo(int PortalID, string Username, string Password, bool Encrypted)
        {
            string strPassword = "";
            strPassword = GetPassword(Password, PortalID, Encrypted);
            UserLoginStatus loginStatus = new UserLoginStatus();
            return UserController.ValidateUser(PortalID, Username, strPassword, "", "", "255.255.255.1", ref loginStatus);
        }

        public static UserInfo GetUserInfo(int PortalID, int UserID, string Username, string Password, int ModuleId)
        {
            UserInfo objUser = new UserInfo();
            string strPassword = "";
            IWebEncryption objIWebEncryption = new IWebEncryption();
            string strEncryptionKey = "";

            //  Get the Encryption Key from Personalization
            PersonalizationController PersonalizationController = new PersonalizationController();
            PersonalizationInfo PersonalizationInfo = new PersonalizationInfo();
            PersonalizationInfo = PersonalizationController.LoadProfile(UserID, PortalID);

            if (!(Personalization.GetProfile(PersonalizationInfo, ModuleId.ToString(), "EncryptionKey") == null))
            {
                if (((DateTime)(Personalization.GetProfile(PersonalizationInfo, ModuleId.ToString(), "EncryptionKey_Expires"))) < DateTime.Now)
                {
                    // Expired Encryption Key
                    return objUser;
                }
                strEncryptionKey = ((string)(Personalization.GetProfile(PersonalizationInfo, ModuleId.ToString(), "EncryptionKey")));

                if (Password == strEncryptionKey)
                {
                    UserInfo AjaxUser = new UserInfo();
                    AjaxUser = UserController.GetUser(PortalID, UserID, false);
                    Password = UserController.GetPassword(ref AjaxUser, "").ToString();
                }
                else
                {
                    return objUser;
                }

                //  Unencrypt the password
                strPassword = Password;
            }

            UserLoginStatus loginStatus = new UserLoginStatus();
            return UserController.ValidateUser(PortalID, Username, strPassword, "", "", "255.255.255.1", ref loginStatus);
        }


        public static bool IsAuthorized(UserInfo UserInfo, IWebInfo IWebInfo)
        {
            DotNetNuke.Security.Roles.RoleController RoleController = new DotNetNuke.Security.Roles.RoleController();
            string[] strRoles = RoleController.GetRolesByUser(UserInfo.UserID, UserInfo.PortalID);

            if (UserInfo.IsSuperUser)
            {
                return true;
            }

            foreach (string strRole in strRoles)
            {
                if (strRole == IWebInfo.Setting)
                {
                    return true;
                }
            }

            return false;

        }


    }

}



